diff options
Diffstat (limited to 'modules/viewvc')
| -rw-r--r-- | modules/viewvc/files/robots.txt | 5 | ||||
| -rw-r--r-- | modules/viewvc/files/setcookieredirect.html | 28 | ||||
| -rw-r--r-- | modules/viewvc/manifests/init.pp | 9 | ||||
| -rw-r--r-- | modules/viewvc/templates/viewvc.conf | 8 |
4 files changed, 46 insertions, 4 deletions
diff --git a/modules/viewvc/files/robots.txt b/modules/viewvc/files/robots.txt index 3e0fc5c5..dbb13834 100644 --- a/modules/viewvc/files/robots.txt +++ b/modules/viewvc/files/robots.txt @@ -6,6 +6,9 @@ User-agent: Mail.RU_Bot User-agent: MJ12bot User-agent: ClaudeBot User-agent: Amazonbot +User-agent: PetalBot +User-agent: Bytespider +User-agent: facebookexternalhit Disallow: /*/tags/ Disallow: *?view=annotate* Disallow: *?annotate=* @@ -20,5 +23,7 @@ Disallow: *view=log&* Disallow: *diff_format=* User-agent: AhrefsBot Disallow: / +User-agent: Sogou web spider +Disallow: / User-agent: * Crawl-delay: 30 diff --git a/modules/viewvc/files/setcookieredirect.html b/modules/viewvc/files/setcookieredirect.html new file mode 100644 index 00000000..fe98b9dc --- /dev/null +++ b/modules/viewvc/files/setcookieredirect.html @@ -0,0 +1,28 @@ +<!DOCTYPE html> +<html> + <head> + <title>User check</title> + <script type="text/javascript" defer> + const randomValue = "6436"; // Chosen by fair dice roll. Guaranteed to be random. + document.cookie = `session=${randomValue}; path=/; expires=${new Date(Date.now() + 24*3600*1000).toUTCString()}`; + const params = new Proxy(new URLSearchParams(window.location.search), { + get: (searchParams, prop) => searchParams.get(prop), + }); + let path = params.to; + // Sanitize redirect path to avoid malicious arbitrary redirects + if (/^\/[-a-zA-Z0-9~_.?&=/+]*$/.test(decodeURIComponent(path))) { + const current = new URL(window.location.toLocaleString()); + window.location.href = encodeURI(current.origin + decodeURIComponent(path)); + } else { + window.onload = function() { + document.getElementById('error').innerHTML = 'Error! Bad redirect location!'; + } + } + </script> + </head> + <body> + Redirecting back... + <br> + <p id="error"><!-- space for error message --></p> + </body> +</html> diff --git a/modules/viewvc/manifests/init.pp b/modules/viewvc/manifests/init.pp index 99acec90..e1d336c9 100644 --- a/modules/viewvc/manifests/init.pp +++ b/modules/viewvc/manifests/init.pp @@ -40,9 +40,18 @@ class viewvc { source => 'puppet:///modules/viewvc/robots.txt', } + file { "$viewvc_docroot/setcookieredirect.html": + ensure => present, + mode => '0644', + owner => root, + group => root, + source => 'puppet:///modules/viewvc/setcookieredirect.html', + } + $vhost_aliases = { '/viewvc' => $viewvc_docroot, '/robots.txt' => $robotsfile, + '/_check' => "$viewvc_docroot/setcookieredirect.html", } $script_aliases = { diff --git a/modules/viewvc/templates/viewvc.conf b/modules/viewvc/templates/viewvc.conf index 920aa9ed..dec74771 100644 --- a/modules/viewvc/templates/viewvc.conf +++ b/modules/viewvc/templates/viewvc.conf @@ -113,7 +113,7 @@ ## repositories may reside. Rather than force you to add a new entry ## to 'cvs_roots' or 'svn_roots' each time you create a new repository, ## ViewVC rewards you for organising all your repositories under a few -## parent directories by allowing you to simply specifiy just those +## parent directories by allowing you to simply specify just those ## parent directories. ViewVC will then notice each repository in that ## directory as a new root whose name is the subdirectory of the parent ## path in which that repository lives. @@ -326,7 +326,7 @@ mime_types_files = /etc/viewvc/mimetypes.conf, /etc/httpd/conf/mime.types #checkout_magic = 0 ## allowed_views: List the ViewVC views which are enabled. Views not -## in this comma-delited list will not be served (or, will return an +## in this comma-delimited list will not be served (or, will return an ## error on attempted access). ## Possible values: "annotate", "co", "diff", "markup", "roots", "tar" ## @@ -484,7 +484,7 @@ http_expiration_time = 600 ## #hr_funout = 0 -## hr_ignore_white: Ignore whitespace (indendation and stuff) for human +## hr_ignore_white: Ignore whitespace (indentation and stuff) for human ## readable diffs. ## ('-w' option to diff) ## @@ -650,7 +650,7 @@ log_pagesize = 100 ## directory specified by the "template_dir" configuration option (see ## the documentation for that option for details). But if you want to ## use a different template for a particular view, simply uncomment the -## appropriate option below and specify the currect location of the EZT +## appropriate option below and specify the correct location of the EZT ## template file you wish to use for that view. ## ## Templates are specified relative to the configured template |